An anonymous reader writes "The Power Pwn may look like a power strip, but it's actually a DARPA-funded hacking tool for launching remotely-activated Wi-Fi, Bluetooth, and Ethernet attacks. If you see one around the office, make a point to ask if it's supposed to be there. Pwnie Express, which developed the $1,295 tool, says it's 'a fully-integrated enterprise-class penetration testing platform.' That's great, but the company also notes its 'ingenious form-factor' (again, look at the above picture) and 'highly-integrated/modular hardware design,' which to me makes it look like the perfect gizmo for nefarious purposes."

According to the link from cryptome that an AC has provided further down here [cryptome.org], the hardware is indeed mostly made in China. What makes this US made to the satisfaction of the government is that the software that makes this thing what it is, is made in the US, replacing all the original code.

This document goes on at length about how that can be. As an EE, not a lawyer, I found the information that the "brain" is a SheevaPlug to be more interesting.

TFA says "Preloaded with Debian 6, Metasploit, SET, Fast-Track, w3af, Kismet, Aircrack, SSLstrip, nmap, Hydra, dsniff, Scapy, Ettercap, Bluetooth/VoIP/IPv6 tools, & more". Which leads us to a question, since they're distributing it: are they in compliance with relevant licenses (e.g. GPL) if they have modified any of the FOSS packages?

I believe he's taking the tack that GPL and so forth are not free as they impose restrictions (the encumbrance he refers to) in which case he appears to be saying that the only true free open source is BSD/PD and so forth

Part of a penetration test should be, and I don't think I need to remind those who are active in the cybersecurity industry of this(!), creating hacking devices that look as if they're part of the furniture - like they're supposed to be there.

the problem with a wastebasket is that it's not generally supposed to have cables going to/from it. That means you will have to run off batteries (running off batteries long term is a MAJOR PITA) and you will be limited to wireless hacks.

OTOH power strips are expected to have power and ones with communication surge protection while relatively unusual are not unheard of. This means that you can have power and network going to the "hacking device disguised as a power strip" without it looking too suspicious.

Build it into something above a waste can like a shredder. While you're at it, make a shredder that is also a scanner. Getting it to work when fed multiple sheets at once would be the and-one-more-thing feature.

When I have been around data installations, everything got marked and recorded - component boards, memory sticks, hard drives, cabinets, power strips, UPS bricks, cables, even down to any piece of plastic that could potentially house a small bug (such as three pin plugs, notwithstanding the fact that I insisted on using plugs that were moulded to the cable at both ends). During the regular hardware audits, every device, cable and connector was checked against the catalogue. Anything that didn't match up was ripped out immediately and replaced with a known quantity.

I predict these will start showing up in corporate parking lots [slashdot.org]. "Ooh! Look, someone dropped a power strip! I've been telling my boss I need more outlets in my cubicle since he won't let me charge my phone by plugging it into the computer anymore... this will do nicely! And is that a USB stick on the ground? Oh, almost got me there. I know better than to plug that in."

You should be considering how and where you are going to convincingly deliver 1,000 of these devices to the top 50 banks as if they were part of the normal office supply delivery.

I recommend branch offices rather than corporate HQ. Stuff like power strips are always in short supply, and at branch offices they'd happily accept (and without any questions) an accidental delivery of 3 from the office supply company via FedEx. And at branch offices I've done work in, there'

F no! For $1,295, I'm wrapping this sucker up in several layers of aluminium foil [wired.com] and I'm taking it home to sell on ebay. The same goes if I find any nefarious-looking device stuck on my car.

No, it's just recently come out. It's one of the mini-projects funded via the DARPA Cyber Fast Track, currently run by Mudge. Their list of funded projects is publicly available on their website (and updated reasonably frequently) and they encourage sharing the results of projects.

I don't know how attentive the average person is, but if I picked up a power strip and it weighed twice as much as others, I'd be very suspicious that something was off with it (maybe something fell in?)

It would strike me as much more effective to use a device that already has a lot more heft to it, so the weight difference wouldn't be noticed.

I know the Soviets discovered several CIA bugs because things like their copiers were just a few ounces heavier than a stock model.

I don't know how attentive the average person is, but if I picked up a power strip and it weighed twice as much as others, I'd be very suspicious that something was off with it (maybe something fell in?)

Well, I said this elsewhere, but when I saw the picture I thought it could pass for a UPS -- and who is going to question a heavy UPS? You can get even nastier with a UPS, since it is normal for it to be connected to a USB port or to a LAN (if my power strip were connected to a LAN, I would be a bit curious).

"I don't know how attentive the average person is, but if I picked up a power strip and it weighed twice as much as others, I'd be very suspicious that something was off with it (maybe something fell in?)"

Let's say I do see one of these things in the office and I take your advice that I should call somebody to find out if that thing is supposed to be there. This raises the important question of whom I should call. If it's not supposed to be there, that means that somebody, possibly one of my co-workers planted it. PROBABLY one of my co-workers planted it. Now my trust in all my coworkers is in question.

Not that it's not already in question. Maybe I should call Homeland Security. And maybe Homeland Sec

This raises the important question of whom I should call. If it's not supposed to be there, that means that somebody, possibly one of my co-workers planted it. PROBABLY one of my co-workers planted it. Now my trust in all my coworkers is in question.

If I find one of these things in my office, I'd call information security; if need be they can talk to physical security to figure out how it got there. If one of my co-workers planted it (and it wasn't a legitimate test, in which case I suppose blue team won),

Maybe I better take a closer look at those "smart" power strips the utility company sent me "for free". On second thought, nahhhhh.....I don't care that much. After all, I run some LAN subnets over NETGEAR® Powerline [netgear.com] equipment; anybody who wants to nib can do it at their convenience right over the grid.

Now that's thoughtful of me; they wouldn't even have to burn the gas getting that van with the WiFi capture/decode equipment in it out here.

and how much will the insurance cost to cover your 200$ shit homebrew shoebox power strip when it burns a multi-million dollar factory down.

A recent quote from an EE company that I just happen to have on my desk right now puts cost of compliance with CE & similar electrical safety rules for a short-run product (a device my client is considering installing at a few hundred of their clients' sites) at about $70 per piece. I'm convinced that this "power strip" is being manufactured in much larger quantities than that, so costs should be reduced: so again, where is the money going? It doesn't do anything innovative, plus it's had government funding for its development, so it should have had lower development costs than if one of us were to make it.

I work for the government, and if I were ever to contract to the government to make something I would charge an arm and a leg for it because they burn a lot of time in pointless changes, process and administration. Plus they haven't got a clue and pay whatever you charge.

Your second part about not having a clue is incorrect. I also work in Government, and I can say that the reason is that there is a mentality of "it's only money" which basically means they don't bat an eyelid at spending millions of dollars on pointless consultation and analysis, only to run out of money to implement recommendations.

And that's not all- to the procurement people, it's not just "only money" it's someone else's money. Plus they get brownie points for pushing down costs so vendors intentional

I have an uncle who runs a small company building electronic devices. He says that certification costs about $200 to get the guy to come out, but once he's there he's happy to do as many devices as you've got ready (within reason, probably).

I know, hackers always get insurance before they embark on their activities. My local insurance agents all offer "Hacking Insurance". It even comes bundled with my homeowner's insurance, at State Farm!!

And yet while every single time someone does something interesting there's a snivelling asshole like you there to poo-pooh how "easy it would be to just...", we never, ever hear of your much cheaper yet equally effective copies of the thing in question for some reason which I just can't figure out.

Instead of being bitter and resentful towards those who actually create new things, why don't you go and invent some yourself?

Oh wait, that's like... real work and effort and thinking and shit. Back to the TeeVee it is!

It's probably got the weight down to something reasonably comparable too. After reading through the specs, they seem to have a lot of hardware features with some power behind it too. If a power strip/ surge protector weighs as much as a battery backup, someone is going to ask some questions.

If a power strip/ surge protector weighs as much as a battery backup, someone is going to ask some questions.

I'd be surprised if they weren't making UPS versions of products like this also. If anything that is more likely something you'd connect to your network without questioning, for monitoring. The chance people would connect the RJ45 ports (I'm guessing these are supposed to protect against power surges) is a lot less in a corporate environment.

The first thing I thought when I saw this was how annoyed I'd be if I spend over $1000 and no-one plugged anything into any of the data ports. I'm guessing it could

Simple answer? Plug a printer (preferably one of those copier monstrosities) into one of the data ports. No one would bat an eyelid at sticking a $3000 printer on a "surge protector" so you'd probably get away with it.

Think about what you just said. Some cosmetic damage might make the hacked powerstrip more acceptable. Slap a shiny, new bit of equipment into an office, and it might raise a little curiosity.

Now, take a somewhat abused looking home-brew unit, and put it someplace in the same office. No curiosity, at all. Where I work, there is no shiny, pretty, new, or nice. Everything is beaten to hell and back!!

I use UPS bricks that come with suppressor circuits for ethernet/RJ11 and USB (they also supply power for USB). Very handy pieces of kit, and the batteries are fairly easily replaced as well. So no, the plethora of different connectors is nothing new for me (I used to sell the things as well).

for wifi, I have a t-shirt [thinkgeek.com]. If I come across an unexpected signal (indicated by my chest lighting up) out comes the netbook and sixty seconds later if it's a WEP node I'm in. Sooner if it's an open node.

for Bluetooth I have a nifty little custom app on my netbook that beeps every so often and logs any and all Bluetooth activity that comes into range. Oh, to have something like that on an Android phone...

A good one-size-fits-all tool I've been using for years is a wideband RF meter. This gadget uses custom 8

It's really not hard to find them with Cisco gear managed by Cisco Wireless Control System [cisco.com]. WCS will automatically triangulate them so you can physically locate them and you can even block/disable rogue APs (talk to legal before blocking/disabling Wifi APs, re:FCC & unlicensed spectrum). I've used it this last week to track down 3 rogue APs which were permanently installed by employees for personal employee use (turns out they BYOI from a WISP and then share with those who want to chip in and only use

never mind the state of the shielding, what about the overall quality of the bricks?

Some years ago, I came across an increasingly familiar problem with eMachines systems. These things are assembled in California using Chinese components, including Bestec power supplies assembled in Taiwan. The problem with these power supplies was the capacitors. Seems that a rather large batch of them were assembled with GP bronze caps, resulting in thousands of units supplied to eMachines which had the potential to cause

You do realise the Chinese mains socket is compatible with the Australian mains plug? The only difference is that the Australian pins are slightly thicker, so may make it a little hard to push into the socket, (oh and they are upside down) [wikipedia.org].

it really doesn't matter, everything that plugs into this box uses switching power supplies which have a wide range of voltages

never mind the fact that commercial AC transmission standards were developed in the USA in serious scale, thus making every one else "wrong". on a side rant I never figured out why so many people outside the states stick to a 50Hz cycle rate, it's just nonsense... is there a metric second I was unaware of?

the 25/50/60/120/133/400Hz* standards were just technical compromises based on application, nothing more.

*25Hz: Niagara Project
50Hz: most of the civilised world based on generator, transformer and transmission line size limitations (pretty much)
60Hz: system developed by Lamme to suit most any HV situation
120Hz: (failed) development system (combustion engines just couldn't rotate fast enough to run this frequency)
133Hz: ditto

and then we have DC, system developed by Edison/GE. Problem with DC is that it's frea

the Pacific Intertie uses two conductors, each of which is just over 5cm diameter (including the core). The measured dissipation is around 260W/m*. Over the length of the line, 1362km, this equals a net loss through heating the wire of 354MW. The total voltage drop is 114kV. From a source output of 3.1GW, this is a 77% efficiency.

*considering this is about equivalent to solar flux (~0.15W/cm^2), that's a fairly significant loss as far as I can see.

It should be a dismissible offence to bring this thing anywhere near where you work.

All you need is to ship with UPS a sealed carton of ten or twenty of these devices, each in its own professionally printed box, to the maintenance department of the target company. Lowly workers, just a notch above janitors, will not be asking their bosses about such a simple item, and power strips are always needed. You can do this even if you never set foot into the country where the target company resides.

Funny, I was just thinking that. Most offices I've worked in and visited are terminally hard-up for power strips. If a box of 20 of them showed up they'd get used, no questions asked...although a bunch of them might make it into people's homes.

For industrial espionage, this would be priceless. Nobody checks to see if visitors are bringing power strips. Contractors bring their own all the time. Stick it in a conference room, or better yet an executive conference room, and you're golden. Does it come with a m